<!DOCTYPE html>
<html>

<head>
	<meta charset="utf-8">
	<meta name="viewport" content="width=device-width, initial-scale=1, maximum-scale=1">
	<meta name="theme-color" content="#33474d">
	<title>LVS的NAT设置 | 失落的乐章</title>
	<link rel="stylesheet" href="/css/style.css" />
	
      <link rel="alternate" href="/atom.xml" title="失落的乐章" type="application/atom+xml">
    
</head>

<body>

	<header class="header">
		<nav class="header__nav">
			
				<a href="/archives" class="header__link">Archive</a>
			
				<a href="/tags" class="header__link">Tags</a>
			
				<a href="/atom.xml" class="header__link">RSS</a>
			
		</nav>
		<h1 class="header__title"><a href="/">失落的乐章</a></h1>
		<h2 class="header__subtitle">技术面前，永远都是学生。</h2>
	</header>

	<main>
		<article>
	
		<h1>LVS的NAT设置</h1>
	
	<div class="article__infos">
		<span class="article__date">2017-10-12</span><br />
		
		
			<span class="article__tags">
			  	<a class="article__tag-link" href="/tags/LVS/">LVS</a>
			</span>
		
	</div>

	

	
		<h2 id="1-环境说明"><a href="#1-环境说明" class="headerlink" title="1.环境说明"></a>1.环境说明</h2><p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;三台服务器一台作为 director ，两台作为 real server ，Diretcor 有一个外网 ip （192.168.119.110）和一个内网 ip（192.168.0.67），两个 real server 上只有内网 ip （192.168.0.66）和（192.168.0.65）并且需要把两个 real server 的内网网关设置为 diretcor 的内网 ip （192.168.0.67）</p>
<p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;更改 hostname </p>
<p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;dir 192.168.0.67</p>
<p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;rs1 192.168.0.66</p>
<p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;rs2 192.168.0.65</p>
<h2 id="2-安装和配置"><a href="#2-安装和配置" class="headerlink" title="2.安装和配置"></a>2.安装和配置</h2><p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;两个 real server 上都安装 nginx 服务</p>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><div class="line">1</div></pre></td><td class="code"><pre><div class="line">yum install -y nginx</div></pre></td></tr></table></figure>
<p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;director 上安装 ipvsadm</p>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><div class="line">1</div></pre></td><td class="code"><pre><div class="line">[root@dir ~]<span class="comment"># yum install -y ipvsadm</span></div></pre></td></tr></table></figure>
<p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;Director 上编辑 nat 实现脚本</p>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><div class="line">1</div></pre></td><td class="code"><pre><div class="line">[root@dir ~]<span class="comment"># vim /usr/local/sbin/lvs_nat.sh</span></div></pre></td></tr></table></figure>
<p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;写入一下内容</p>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><div class="line">1</div><div class="line">2</div><div class="line">3</div><div class="line">4</div><div class="line">5</div><div class="line">6</div><div class="line">7</div><div class="line">8</div><div class="line">9</div><div class="line">10</div><div class="line">11</div><div class="line">12</div><div class="line">13</div><div class="line">14</div><div class="line">15</div><div class="line">16</div><div class="line">17</div><div class="line">18</div><div class="line">19</div></pre></td><td class="code"><pre><div class="line"><span class="meta">#! /bin/bash</span></div><div class="line"><span class="comment"># director 服务器上开启路由转发功能: </span></div><div class="line"><span class="built_in">echo</span> 1 &gt; /proc/sys/net/ipv4/ip_forward </div><div class="line"><span class="comment"># 关闭icmp的重定向</span></div><div class="line"><span class="built_in">echo</span> 0 &gt; /proc/sys/net/ipv4/conf/all/send_redirects</div><div class="line"><span class="built_in">echo</span> 0 &gt; /proc/sys/net/ipv4/conf/default/send_redirects</div><div class="line"><span class="built_in">echo</span> 0 &gt; /proc/sys/net/ipv4/conf/eth0/send_redirects</div><div class="line"><span class="built_in">echo</span> 0 &gt; /proc/sys/net/ipv4/conf/eth1/send_redirects</div><div class="line"></div><div class="line"><span class="comment"># director 设置nat防火墙</span></div><div class="line">iptables -t nat -F</div><div class="line">iptables -t nat -X</div><div class="line">iptables -t nat -A POSTROUTING -s 192.168.0.0/24 -j MASQUERADE</div><div class="line"><span class="comment"># director设置ipvsadm</span></div><div class="line">IPVSADM=<span class="string">'/sbin/ipvsadm'</span></div><div class="line"><span class="variable">$IPVSADM</span> -C</div><div class="line"><span class="variable">$IPVSADM</span> -A -t 192.168.119.110:80 -s lc -p 300</div><div class="line"><span class="variable">$IPVSADM</span> -a -t 192.168.119.110:80 -r 192.168.0.66:80 -m -w 1</div><div class="line"><span class="variable">$IPVSADM</span> -a -t 192.168.119.110:80 -r 192.168.0.65:80 -m -w 1</div></pre></td></tr></table></figure>
<p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;保存后，在 Director 上直接运行这个脚本就可以完成 lvs/nat 的配置了。</p>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><div class="line">1</div></pre></td><td class="code"><pre><div class="line">[root@dir ~]<span class="comment"># sh /usr/local/sbin/lvs_nat.sh</span></div></pre></td></tr></table></figure>
<p><figure class="figure"><img src="https://github.com/hcldirgit/image/blob/master/LVS%E7%9A%84NAT%E8%AE%BE%E7%BD%AE/01.png?raw=true" alt=""></figure></p>
<h2 id="3-测试"><a href="#3-测试" class="headerlink" title="3.测试"></a>3.测试</h2><p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;通过浏览器测试两台机器上的 web 内容 <a href="http://192.168.119.110" target="_blank" rel="external">http://192.168.119.110</a> 。为了区分开，可以把 nginx 的默认页修改一下</p>
<p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;在 rs1 上执行</p>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><div class="line">1</div></pre></td><td class="code"><pre><div class="line">[root@rs1 ~]<span class="comment"># echo "rs1rs1" &gt; /usr/share/nginx/html/index.html</span></div></pre></td></tr></table></figure>
<p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;在 rs2 上执行</p>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><div class="line">1</div></pre></td><td class="code"><pre><div class="line">[root@rs2 ~]<span class="comment"># echo "rs2rs2" &gt; /usr/share/nginx/html/index.html</span></div></pre></td></tr></table></figure>
<p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;注意，切记一定要在两台 rs </p>
<p><figure class="figure"><img src="https://github.com/hcldirgit/image/blob/master/LVS%E7%9A%84NAT%E8%AE%BE%E7%BD%AE/02.png?raw=true" alt=""></figure></p>
<p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;刷新一下</p>
<p><figure class="figure"><img src="https://github.com/hcldirgit/image/blob/master/LVS%E7%9A%84NAT%E8%AE%BE%E7%BD%AE/03.png?raw=true" alt=""></figure></p>
<p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;或者使用 curl</p>
<p><figure class="figure"><img src="https://github.com/hcldirgit/image/blob/master/LVS%E7%9A%84NAT%E8%AE%BE%E7%BD%AE/04.png?raw=true" alt=""></figure></p>

	

	
		<span class="different-posts"><a href="/2017/10/12/LVS/17. LVS的NAT设置/" onclick="window.history.go(-1); return false;">⬅️ Go back </a></span>

	

</article>

	</main>

	<footer class="footer">
	<div class="footer-content">
		
	      <div class="footer__element">
	<p>Hi there, <br />welcome to my Blog glad you found it. Have a look around, will you?</p>
</div>

	    
	      <div class="footer__element">
	<h5>Check out</h5>
	<ul class="footer-links">
		<li class="footer-links__link"><a href="/archives">Archive</a></li>
		
		  <li class="footer-links__link"><a href="/atom.xml">RSS</a></li>
	    
		<li class="footer-links__link"><a href="/about">about page</a></li>
		<li class="footer-links__link"><a href="/tags">Tags</a></li>
		<li class="footer-links__link"><a href="/categories">Categories</a></li>
	</ul>
</div>

	    

		<div class="footer-credit">
			<span>© 2017 失落的乐章 | Powered by <a href="https://hexo.io/">Hexo</a> | Theme <a href="https://github.com/HoverBaum/meilidu-hexo">MeiliDu</a></span>
		</div>

	</div>


</footer>



</body>

</html>
